apkpure app contained malicious adware, say researchers
APKPure App Found to Distribute Malicious Adware
APKPure, a popular platform for obtaining Android applications not available on the official Google Play Store, was recently discovered to be distributing malicious adware. This adware impacted users by inundating their devices with unsolicited advertisements.
Details of the Security Breach
Kaspersky Lab reported to APKPure on Thursday that version 3.17.18 of their application contained harmful code. This code operated surreptitiously, collecting data from users’ devices without their consent.
The malicious code also triggered the display of advertisements on lock screens and in the background. This activity was designed to fraudulently generate revenue for those behind the adware.
Researchers highlighted the potential for this malicious code to extend beyond adware. It possessed the capability to download additional malware, thereby escalating the risk for compromised users.
Source and Remediation
The investigation suggests that the malicious code, identified as a software development kit (SDK), was integrated from an untrusted source by the APKPure developers.
Following notification, APKPure promptly removed the offending code and released an updated version, 3.17.19. The compromised version is no longer available for download on their website.
About APKPure
Established in 2014, APKPure provides Android users with access to a comprehensive library of applications and games. This includes older versions and region-specific apps not found on the Google Play Store.
The platform subsequently launched its own Android application, available outside of Google Play, functioning as an alternative app store for direct downloads to Android devices.
APKPure consistently ranks among the most visited websites globally.
Risks of Third-Party App Stores
Security professionals have consistently cautioned against installing applications from sources outside official app stores. The quality and security of apps from these sources can vary significantly, as a substantial amount of Android malware requires users to install malicious apps from unofficial locations.
While Google implements scanning procedures for applications submitted to Google Play, vulnerabilities and malicious apps have occasionally bypassed these checks.
TechCrunch reached out to APKPure for a statement but received no response.
It is important to note that installing apps from unverified sources can expose devices to significant security risks.
Zack Whittaker
Contacting Zack Whittaker
Zack Whittaker currently serves as the security editor for TechCrunch, a prominent technology news outlet.
In addition to his editorial role, he curates and distributes a weekly cybersecurity focused newsletter titled "this week in security."
Secure Communication Channels
For those seeking to reach Mr. Whittaker through encrypted messaging, he is available on Signal under the username zackwhittaker.1337.
Alternative methods of contact include email. His official TechCrunch email address is zack.whittaker@techcrunch.com.
To ensure the legitimacy of any outreach, verification can be requested through the provided email address.
Important Note: Utilizing the email address is also recommended for verifying the authenticity of any communication claiming to be from Zack Whittaker.